We use cookies to improve your experience on our site. By using our website you are agreeing to use our cookies. For more information see our Legal Terms page.

Switching jobs? Don’t bring old personal information with you!

Posted October 21, 2014 by Jenny Green

Man-holding-computer.jpg

Have you ever thought about taking documents, such as templates, reports and notes, with you when you changed jobs? After all, you might think it’ll be useful in your new role so that’s perfectly acceptable, right? Wrong!  In fact, taking personal information from your employer is illegal and can lead to criminal charges and fines.

Last month, a paralegal in Yorkshire was prosecuted after taking personal information with him when he moved to a rival firm in 2013, according to a recent article by the Information Commissioner’s Office (ICO). The information was contained in six emails sent in the weeks prior to leaving the firm, which he hoped to use in his new role. The (ICO) is now warning employees that if they take personal information with them when they leave a job, they are committing a criminal offence.

So whether it is Excel sheets, file notes or templates, if those documents contain any personal information – from names and contact details to job titles - then they shouldn’t be going anywhere they are not authorised to go. The paralegal was charged under section 55 of the Data Protection Act,fined £300, ordered to pay over £400 over costs and is now the proud owner of a permanent criminal record.Is it really worth it for just a few emails?

The ICO explains that sometimes employees believe that work related documents that they have produced or worked on belong to them but if any of those documents include personal information then they will be breaking the law if they take them without authorisation. At the moment, perpetrators can be fined but the ICO is currently calling for more effective deterrents - including the threat of prison sentences - to be available to the courts to further discourage illegal sharing of personal information.

And it’s not just those purposefully sharing personal information who are at risk of fines: in a recent YouGov poll half of British workers who sometimes work away from their office admitted to possibly risking a security breach by being careless with sensitive information and said they either ignore their company’s security policies outright or they’re just not aware of any.

In Shred-it’s 2014 Security Tracker Survey conducted by Ipsos Mori, it was revealed that only half of UK SMEs and two thirds of large businesses have protocols in place for storing and disposing of confidential waste documents and data, which is actually followed consistently by employees. 
Anyone in the UK who processes personal information is required to comply with the eight principles of the Data Protection Act, to ensure that personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with subjects’ rights
  • Secure
  • Not transferred to other countries without adequate protection

Interested in finding out more about ensuring your organisation remains lawful when it comes to storing and disposing of personal information? Learn more about how to establish and maintain trust by developing a culture of security in our newsletter on implementing and enforcing document security protocols.

Join the conversation on information security with Shred-it on Twitter @Shredit_UK.


Let Shred-it help keep your workplace secure.

Stay informed with the latest in information security news and promotions.

×

Request a Quote

Fill out the form or call 0800 197 1164 to start protecting your business today!

×